usb: musb: musb_dsps: request_irq() after initializing musb
If IRQ occurs between calling dsps_setup_optional_vbus_irq() and dsps_create_musb_pdev(), then null pointer dereference occurs since glue->musb wasn't initialized yet. The patch puts initializing of neccesery data before registration of the interrupt handler. Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Nadezda Lutovinova <lutovinova@ispras.ru> Link: https://lore.kernel.org/r/20210819163323.17714-1-lutovinova@ispras.ru Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
1abade6456
commit
7c75bde329
|
@ -890,23 +890,22 @@ static int dsps_probe(struct platform_device *pdev)
|
|||
if (!glue->usbss_base)
|
||||
return -ENXIO;
|
||||
|
||||
if (usb_get_dr_mode(&pdev->dev) == USB_DR_MODE_PERIPHERAL) {
|
||||
ret = dsps_setup_optional_vbus_irq(pdev, glue);
|
||||
if (ret)
|
||||
goto err_iounmap;
|
||||
}
|
||||
|
||||
platform_set_drvdata(pdev, glue);
|
||||
pm_runtime_enable(&pdev->dev);
|
||||
ret = dsps_create_musb_pdev(glue, pdev);
|
||||
if (ret)
|
||||
goto err;
|
||||
|
||||
if (usb_get_dr_mode(&pdev->dev) == USB_DR_MODE_PERIPHERAL) {
|
||||
ret = dsps_setup_optional_vbus_irq(pdev, glue);
|
||||
if (ret)
|
||||
goto err;
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
||||
err:
|
||||
pm_runtime_disable(&pdev->dev);
|
||||
err_iounmap:
|
||||
iounmap(glue->usbss_base);
|
||||
return ret;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue